Hello everyone, this is my first write up on my own room! This room is titled “crackme0019301933” which can be found at ‘https://tryhackme.com/room/crackme0019301933'. This room is rated medium, of course the completion time varies on your hardware.
Task 1, cracking
So starting off with question one we’ll see one of the files we downloaded is named “hash1.txt”. Let’s identify that hash!
So in this screenshot i figure out what hash type it is by first checking the file with hashid, then I check the individual hash with haiti and since they both come up with the same results but of course haiti will be closer to it’s actual hash type than hashid I use the first result of haiti. After that I run hashcat to find the hash, but since I’ve already cracked it I added ‘— show’ but if you have not cracked it already then get rid of ‘ — show’. The output should give you the answer to question one!
In this screenshot I use hashid to check the hashes in the file then I use haiti to check the hashtype of the hash in the file for a second time, same technique as last question which I’ll use for every question just to double check before running any tests. I used ‘hashcat -m 17600 hash2.txt ../rockyou.txt — quiet’ to crack the hash but it does depend on where your ‘rockyou.txt’ is stored, I also chose ‘ — quiet’ because I wanted more room to take a screenshot. After you crack the hash the answer should be inside of the output.
Same as before I used hashid on the file then I used haiti on the hash itself, after that I ran ‘john hash4.txt -wordlist=”../rockyou.txt” — format=dynamic_300’. Of course the wordlist section is based off where rockyou.txt is stored on your system. The output of this command should give you the answer to task 4, as we have skipped task 3 because it was a freebie.
Same as before I used hashid on the file then I used haiti on the hash itself, after that I ran ‘john hash5.txt -wordlist=”../rockyou.txt” — format=whirlpool’. Of course the wordlist section is based off where rockyou.txt is stored on your system. The output of this command should give you the answer to task 5.
Same as before but with two different hashes. In this task you have to see which hash is actually the answer, I used ‘john hash6.txt — format=snefru-256 — wordlist=”../rockyou.txt”’ To crack the hashes.
Same as before but my gut instincts told me to try ntlm first because why would anyone put md5 in a cryptography ctf. I ran ‘hashcat -m 1000 hash7.txt ../rockyou.txt — quiet’ to crack the hash, which will also be the answer to the question.
Well everyone, I think it’s about time I wrapped this up. Goodluck with hacking and maybe we’ll meet again in another writeup. :D
Discord: 0x.sweat#2311
